Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,875
Maven
5,000+
npm
4,501
NuGet
780
pip
4,254
Pub
12
RubyGems
975
Rust
1,099
Swift
49
Unreviewed advisories
All unreviewed
5,000+

117,809 advisories

Loading
In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized... High Unreviewed
CVE-2026-24881 was published Jan 27, 2026
In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the... High Unreviewed
CVE-2026-24882 was published Jan 27, 2026
EPSON Status Monitor 3 version 8.0 contains an unquoted service path vulnerability that allows... High Unreviewed
CVE-2020-36975 was published Jan 27, 2026
SAntivirus IC 10.0.21.61 contains an unquoted service path vulnerability in its Windows service... High Unreviewed
CVE-2020-36980 was published Jan 27, 2026
Motorola Device Manager 2.4.5 contains an unquoted service path vulnerability in the PST Service... High Unreviewed
CVE-2020-36981 was published Jan 27, 2026
Quick 'n Easy FTP Service 3.2 contains an unquoted service path vulnerability that allows local... High Unreviewed
CVE-2020-36983 was published Jan 27, 2026
Atheros Coex Service Application 8.0.0.255 contains an unquoted service path vulnerability in its... High Unreviewed
CVE-2020-36979 was published Jan 27, 2026
Wondershare Driver Install Service contains an unquoted service path vulnerability in the... High Unreviewed
CVE-2020-36977 was published Jan 27, 2026
Motorola Device Manager 2.5.4 contains an unquoted service path vulnerability in the... High Unreviewed
CVE-2020-36982 was published Jan 27, 2026
Acer Global Registration Service 1.0.0.3 contains an unquoted service path vulnerability in its... High Unreviewed
CVE-2020-36976 was published Jan 27, 2026
Realtek Andrea RT Filters 1.0.64.7 contains an unquoted service path vulnerability that allows... High Unreviewed
CVE-2020-36974 was published Jan 27, 2026
PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files High
CVE-2026-24747 was published for pytorch (pip) Jan 27, 2026
azraelxuemo
Credited to azraelxuemo
NVIDIA runx contains a vulnerability where an attacker could cause a code injection. A successful... High Unreviewed
CVE-2025-33234 was published Jan 27, 2026
The Tapo C220 v1 and C520WS v2 cameras’ HTTP service does not safely handle POST requests... High Unreviewed
CVE-2026-0918 was published Jan 27, 2026
Integer Overflow or Wraparound vulnerability in yoyofr modizer.This issue affects modizer: before... High Unreviewed
CVE-2026-24875 was published Jan 27, 2026
By sending crafted files to the firmware update endpoint of Tapo C220 v1 and C520WS v2, the... High Unreviewed
CVE-2026-1315 was published Jan 27, 2026
User-controlled chunkSize metadata from MongoDB lacks appropriate validation allowing malformed... High Unreviewed
CVE-2025-14911 was published Jan 27, 2026
The HTTP parser of Tapo C220 v1 and C520WS v2 cameras improperly handles requests containing an... High Unreviewed
CVE-2026-0919 was published Jan 27, 2026
A vulnerability in the web-based management interface of HPE Aruba Networking Fabric Composer... High Unreviewed
CVE-2026-23593 was published Jan 27, 2026
Insecure file operations in HPE Aruba Networking Fabric Composer’s backup functionality could... High Unreviewed
CVE-2026-23592 was published Jan 27, 2026
Out-of-bounds Read vulnerability in Rinnegatamante lpp-vita.This issue affects lpp-vita: before... High Unreviewed
CVE-2026-24873 was published Jan 27, 2026
Use-after-free in the Layout: Scrolling and Overflow component. This vulnerability affects... High Unreviewed
CVE-2026-24869 was published Jan 27, 2026
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ixray-team ixray-1.6... High Unreviewed
CVE-2026-24831 was published Jan 27, 2026
VestaCP 0.9.8-26 contains a session token vulnerability in the LoginAs module that allows remote... High Unreviewed
CVE-2020-36948 was published Jan 27, 2026
Laravel Nova 3.7.0 contains a denial of service vulnerability that allows authenticated users to... High Unreviewed
CVE-2020-36950 was published Jan 27, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database